Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit aacfcf8

Browse files
committed
Merge pull request #53 from lrytz/travisV2
Improved tag-driven publishing, cross-build for 2.11 and 2.12
2 parents aa98174 + acb60c6 commit aacfcf8

14 files changed

+160
-81
lines changed

‎.travis.yml‎

Lines changed: 10 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -2,23 +2,21 @@ language: scala
22

33
env:
44
global:
5-
- PUBLISH_JDK=openjdk6 # admin/build.sh only publishes when running on this jdk
6-
# Don't commit sensitive files, instead commit a version encrypted with $SECRET,
7-
# this environment variable is encrypted with this repo's private key and stored below:
8-
# (See http://docs.travis-ci.com/user/environment-variables/#Secure-Variables.)
9-
- secure: ZEAhn8ozGqcQxvJD7/G3ifou2Vl7OkNzUXM15aKy0FbqLMOzsx3hAKsWEM6e/6d/7phDkiZisers+HOlt3nLwu75M3QLGm5lo4moJJJyx17omlrBQ7+M/hu3ZxqNRCE8oNI41V3pc+ZJQsY1qA7at4NPJbnAXx9sUUO2lGmc4xI=
5+
- PUBLISH_JDK=openjdk6
6+
# PGP_PASSPHRASE
7+
- secure: "SkBtn/6OjEldoikn0MFuyeLT/pau27kwKSDYTVQeJ4BKDzdWLwLE5Q3RukLGttIfNdhOvRoocpQSW9GkZfibTHmwrRnAokucfZCqTsKbwoOp1xIoOh5GrrVrB6gcP7WBTKinqFdBgSvLOrP7GviImz4ZuB9wq1r+mToGG4pDrXc="
8+
# SONA_USER
9+
- secure: "JSv/Er6q1XtTpRH1bpU63YBf7ufwg0vW+Kv/udQBtr8YX/P3gRYC1x6hW4uwftaKMYh7wXDkfNy51SRpH3kUptdJvjPUifVElyPiYlsumetmD+rZJmxX6agx+U5pdjIXPqPoton9MdSVHNTROeTu339bDak0Z+N5ht5wRfjP7F4="
10+
# SONA_PASS
11+
- secure: "OIVtcj7AHZr8Grpf03ZmZsygcADewiYIvSnRwLYCx+5AqOzs39EZ68DsIOxi7wEXVUbVj5RvLXpKzLX3iN+UszLOQRoFPFQyyn+3Y50f8T2aRxdZtInzXn0sCVTj4Hhd/zbKl1W+2Nh3Sqazab7tFoQVzEyYqhcPeiNRMF7h+aY="
12+
13+
script: admin/build.sh
1014

11-
script:
12-
- admin/build.sh
13-
scala:
14-
- 2.11.6
1515
jdk:
1616
- openjdk6
1717
- openjdk7
18+
1819
notifications:
1920
email:
2021
- adriaan.moors@typesafe.com
2122
- antoine@gourlay.fr
22-
23-
# if we get weird timeouts, see https://github.com/spray/spray/pull/233
24-
# 'set concurrentRestrictions in Global += Tags.limit(Tags.Test, 1)'

‎admin/README.md‎

Lines changed: 61 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,61 @@
1+
## Tag Driven Releasing
2+
3+
Copied from https://github.com/scala/scala-java8-compat/commit/4a6cfc97cd95227b86650410e1b632e5ff79335b.
4+
5+
### Background Reading
6+
7+
- http://docs.travis-ci.com/user/environment-variables/
8+
- http://docs.travis-ci.com/user/encryption-keys/
9+
- http://docs.travis-ci.com/user/encrypting-files/
10+
11+
### Initial setup for the repository
12+
13+
To configure tag driven releases from Travis CI.
14+
15+
1. Generate a key pair for this repository with `./admin/genKeyPair.sh`.
16+
Edit `.travis.yml` and `admin/build.sh` as prompted.
17+
2. Publish the public key to https://pgp.mit.edu
18+
3. Store other secrets as encrypted environment variables with `admin/encryptEnvVars.sh`.
19+
Edit `.travis.yml` as prompted.
20+
4. Edit `.travis.yml` to use `./admin/build.sh` as the build script,
21+
and edit that script to use the tasks required for this project.
22+
5. Edit `.travis.yml` to select which JDK will be used for publishing.
23+
24+
It is important to add comments in .travis.yml to identify the name
25+
of each environment variable encoded in a `:secure` section.
26+
27+
After all of these steps, your .travis.yml should contain config of the
28+
form:
29+
30+
language: scala
31+
env:
32+
global:
33+
- PUBLISH_JDK=openjdk6
34+
# PGP_PASSPHRASE
35+
- secure: "XXXXXX"
36+
# SONA_USER
37+
- secure: "XXXXXX"
38+
# SONA_PASS
39+
- secure: "XXXXXX"
40+
script: admin/build.sh
41+
42+
If Sonatype credentials change in the future, step 3 can be repeated
43+
without generating a new key.
44+
45+
Be sure to use SBT 0.13.7 or higher to avoid [#1430](https://github.com/sbt/sbt/issues/1430)!
46+
47+
### Testing
48+
49+
1. Follow the release process below to create a dummy release (e.g. 0.1.0-TEST1).
50+
Confirm that the release was staged to Sonatype but do not release it to Maven
51+
central. Instead, drop the staging repository.
52+
53+
### Performing a release
54+
55+
1. Create a GitHub "Release" (with a corresponding tag) via the GitHub
56+
web interface.
57+
2. Travis CI will schedule a build for this release. Review the build logs.
58+
3. Log into https://oss.sonatype.org/ and identify the staging repository.
59+
4. Sanity check its contents
60+
5. Release staging repository to Maven and send out release announcement.
61+

‎admin/build.sh‎

Lines changed: 11 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
#!/bin/bash
22

3+
set -e
4+
35
# prep environment for publish to sonatype staging if the HEAD commit is tagged
46

57
# git on travis does not fetch tags, but we have TRAVIS_TAG
@@ -9,11 +11,15 @@ if [ "$TRAVIS_JDK_VERSION" == "$PUBLISH_JDK" ] && [[ "$TRAVIS_TAG" =~ ^v[0-9]+\.
911
echo "Going to release from tag $TRAVIS_TAG!"
1012
myVer=$(echo $TRAVIS_TAG | sed -e s/^v//)
1113
publishVersion='set every version := "'$myVer'"'
12-
extraTarget="publish-signed"
13-
14+
extraTarget="+publish-signed"
1415
cat admin/gpg.sbt >> project/plugins.sbt
15-
admin/decrypt.sh sensitive.sbt
16-
(cd admin/ && ./decrypt.sh secring.asc)
16+
cp admin/publish-settings.sbt .
17+
18+
# Copied from the output of genKeyPair.sh
19+
K=$encrypted_5e972ec514e2_key
20+
IV=$encrypted_5e972ec514e2_iv
21+
22+
openssl aes-256-cbc -K $K -iv $IV -in admin/secring.asc.enc -out admin/secring.asc -d
1723
fi
1824

19-
sbt ++$TRAVIS_SCALA_VERSION"$publishVersion" clean update compile test $extraTarget
25+
sbt "$publishVersion" clean update +test +publishLocal $extraTarget

‎admin/decrypt.sh‎

Lines changed: 0 additions & 2 deletions
This file was deleted.

‎admin/encrypt.sh‎

Lines changed: 0 additions & 2 deletions
This file was deleted.

‎admin/encryptAll.sh‎

Lines changed: 0 additions & 19 deletions
This file was deleted.

‎admin/encryptEnvVars.sh‎

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
#!/bin/bash
2+
#
3+
# Encrypt sonatype credentials so that they can be
4+
# decrypted in trusted builds on Travis CI.
5+
#
6+
set -e
7+
8+
read -s -p 'SONA_USER: ' SONA_USER
9+
travis encrypt SONA_USER="$SONA_USER"
10+
read -s -p 'SONA_PASS: ' SONA_PASS
11+
travis encrypt SONA_PASS="$SONA_PASS"

‎admin/genKeyPair.sh‎

Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
#!/bin/bash
2+
#
3+
# Generates a key pair for this repository to sign artifacts.
4+
# Encrypt the private key and its passphrase in trusted builds
5+
# on Travis CI.
6+
#
7+
set -e
8+
9+
# Based on https://gist.github.com/kzap/5819745:
10+
function promptDelete() {
11+
if [[ -f "1ドル" ]]; then
12+
echo About to delete 1ドル, Enter for okay / CTRL-C to cancel
13+
read
14+
rm "1ドル"
15+
fi
16+
}
17+
for f in admin/secring.asc.enc admin/secring.asc admin/pubring.asc; do promptDelete "$f"; done
18+
19+
echo Generating key pair. Please enter 1. repo name 2. scala-internals@googlegroups.com, 3. a new passphrase
20+
echo Be careful when using special characters in the passphrase, see http://docs.travis-ci.com/user/encryption-keys/#Note-on-escaping-certain-symbols
21+
cp admin/gpg.sbt project
22+
sbt 'set pgpReadOnly := false' \
23+
'set pgpPublicRing := file("admin/pubring.asc")' \
24+
'set pgpSecretRing := file("admin/secring.asc")' \
25+
'pgp-cmd gen-key'
26+
rm project/gpg.sbt
27+
28+
echo ============================================================================================
29+
echo Encrypting admin/secring.asc. Update K and IV variables in admin/build.sh accordingly.
30+
echo ============================================================================================
31+
travis encrypt-file admin/secring.asc
32+
rm admin/secring.asc
33+
mv secring.asc.enc admin
34+
35+
echo ============================================================================================
36+
echo Encrypting environment variables. Add each to a line in .travis.yml. Include a comment
37+
echo with the name of the corresponding variable
38+
echo ============================================================================================
39+
read -s -p 'PGP_PASSPHRASE: ' PGP_PASSPHRASE
40+
travis encrypt PGP_PASSPHRASE="$PGP_PASSPHRASE"
41+

‎admin/gpg.sbt‎

Lines changed: 1 addition & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -1,21 +1,2 @@
1-
// only added when publishing:
2-
addSbtPlugin("com.typesafe.sbt" % "sbt-pgp" % "0.8.3")
31

4-
/* There's a companion sensitive.sbt, which was created like this:
5-
6-
1. in an sbt shell when sbt-gpg is loaded, create pgp key in admin/:
7-
8-
set pgpReadOnly := false
9-
pgp-cmd gen-key // use $passPhrase
10-
pgp-cmd send-key <keyIdUsingTabCompletion> hkp://keyserver.ubuntu.com
11-
12-
2. create sensitive.sbt with contents:
13-
14-
pgpPassphrase := Some($passPhrase.toArray)
15-
16-
pgpPublicRing := file("admin/pubring.asc")
17-
18-
pgpSecretRing := file("admin/secring.asc")
19-
20-
credentials += Credentials("Sonatype Nexus Repository Manager", "oss.sonatype.org", $sonaUser, $sonaPass)
21-
*/
2+
addSbtPlugin("com.typesafe.sbt" % "sbt-pgp" % "0.8.3") // only added when publishing, see build.sh

‎admin/publish-settings.sbt‎

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
def env(key: String) = Option(System.getenv(key)).getOrElse("")
2+
3+
pgpPassphrase := Some(env("PGP_PASSPHRASE").toArray)
4+
5+
pgpPublicRing := file("admin/pubring.asc")
6+
7+
pgpSecretRing := file("admin/secring.asc")
8+
9+
credentials += Credentials("Sonatype Nexus Repository Manager", "oss.sonatype.org", env("SONA_USER"), env("SONA_PASS"))

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /